Known Vulnerabilities for Notebook by Jupyter
Listed below are 10 of the newest known vulnerabilities associated with "Notebook" by "Jupyter".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33670 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to travers... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2022-24758 | The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized acto... | 7.5 - HIGH | 2022-03-31 | 2022-04-08 |
| CVE-2021-32798 | The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook c... | 9.6 - CRITICAL | 2021-08-09 | 2021-08-17 |
| CVE-2020-26215 | Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server cou... | 6.1 - MEDIUM | 2020-11-18 | 2020-12-03 |
| CVE-2019-10856 | In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete ... | 6.1 - MEDIUM | 2019-04-04 | 2019-04-05 |
| CVE-2019-10255 | An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in Jupyt... | 6.1 - MEDIUM | 2019-03-28 | 2023-11-07 |
| CVE-2019-9644 | An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious page... | 5.4 - MEDIUM | 2019-03-12 | 2023-11-07 |
| CVE-2018-21030 | Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for ex... | 5.3 - MEDIUM | 2019-10-31 | 2020-11-19 |
| CVE-2018-19352 | Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles... | 6.1 - MEDIUM | 2018-11-18 | 2018-12-17 |
| CVE-2018-19351 | Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the sam... | 6.1 - MEDIUM | 2018-11-18 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jupyter | Notebook | 6.1.5 | All | All | All |
| Application | Jupyter | Notebook | 6.1.4 | All | All | All |
| Application | Jupyter | Notebook | 6.1.3 | All | All | All |
| Application | Jupyter | Notebook | 6.1.2 | All | All | All |
| Application | Jupyter | Notebook | 6.1.1 | All | All | All |
| Application | Jupyter | Notebook | 6.1.0 | rc1 | All | All |
| Application | Jupyter | Notebook | 6.1.0 | - | All | All |
| Application | Jupyter | Notebook | 6.0.3 | All | All | All |
| Application | Jupyter | Notebook | 6.0.2 | All | All | All |
| Application | Jupyter | Notebook | 6.0.1 | All | All | All |
| Application | Jupyter | Notebook | 6.0.0 | rc1 | All | All |
| Application | Jupyter | Notebook | 6.0.0 | All | All | All |
| Application | Jupyter | Notebook | 5.7.9 | All | All | All |
| Application | Jupyter | Notebook | 5.7.8 | All | All | All |
| Application | Jupyter | Notebook | 5.7.7 | All | All | All |
| Application | Jupyter | Notebook | 5.7.6 | All | All | All |
| Application | Jupyter | Notebook | 5.7.5 | All | All | All |
| Application | Jupyter | Notebook | 5.7.4 | All | All | All |
| Application | Jupyter | Notebook | 5.7.3 | All | All | All |
| Application | Jupyter | Notebook | 5.7.2 | All | All | All |